Another Amnesty International branch was hacked, the Catholic Diocese of Las Vegas was compromised and more.
Welcome to Cyber Security Today. It’s Monday, May 1st. 2023 I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.
The Australian branch of human rights group Amnesty International just acknowledged suffering a data breach last year. According to the news site Gizmodo, on Friday the branch emailed supporters that their data may be at risk. The breach was noticed in December. The hacker gained temporary access to what the branch says was “low risk” information of people who made donations in 2019. This isn’t the first hack of an Amnesty International branch. In December, Amnesty Canada said a suspected Chinese-based threat actor was in its system for 17 months before being detected.
The Catholic Diocese of Las Vegas says it was hit by a data breach. Sensitive information of volunteers, parishioners, donors and other stakeholders was potentially exposed in March. Not involved were employee payroll and benefits information, or Catholic Stewardship Appeal information.
Hackers who take over the payment forms of e-commerce sites to steal the credit and debit card information of shoppers are getting better at their work. Researchers at Malwarebytes said recently they were almost fooled by the malicious duplicate checkout page on the online website of a Paris travel accessory store. The convincing fake skimmer page had original logos for its replica form. Attackers are able to do this by inserting frames or layers in web pages that aren’t well-protected. So website administrators have to take extra precautions to make sure their sites can’t be compromised.: First, limit the number of people who have admin access to web pages. Second, make sure those with access have passwords protected with multifactor authentication. And third, regularly compare web page code with the original code to make sure there have been no unapproved changes.
A number of Asia-Pacific countries, including Canada and the U.S. recognize the first week of May as Privacy Awareness Week. So, in case you missed January’s Data Privacy Week, here are a few things to remember: If you’re a business or IT leader for an organization, make sure you have a data privacy plan. It will help if you find, respect and encourage employees to be privacy champions. Then train all staff in your data privacy procedures and in how to respond to breaches of security controls. Individuals should make sure their internet-connected devices — including routers — have the latest security updates. Remember if your router, smartphone or computer can’t get updates anymore then it’s a security risk. And please, I know it takes time, but read the fine print for every service and application you sign up for. There may be little things like, ‘We have the right to your data for the next 10 years.’
How eager are threat actors to infect Android devices? Very. In a report Google says last year it prevented over 1.4 million apps from being published on the Play store because they violated its privacy or malware policies. Not only that, it banned 173,000 accounts of developers who deposited bad apps on the site. Still, threat actors sometimes manage to slip apps past the checks. Which is why it’s important for you to be careful and research everything before downloading anything on your Android device. Same goes for your Apple, Windows or Linux devices.
It’s not only mobile apps that can hide malware. It also gets hidden in bootleg versions of commercial software. People think they’re getting a deal by not paying for software. The odds are what they really get is a computer infection. I mention this because a new version of the ViperSoftX malware has been spotted by researchers at Trend Micro. Typically the crooks behind this malware hide it in supposedly free versions of utilities and games. This particular malware looks for cryptocurrency wallets and personal data, so the victims are often individuals. However, Trend Micro is seeing more companies infected with this malware. That suggests people working from home or freelancers looking to save money are being hit. Please remember, downloading free versions software you are supposed to pay for is risky.
More lessons from Russia’s cyber war against Ukraine: A Russian-linked threat group is sending phishing messages to Ukrainian government departments with fake Windows Update instructions. The instructions tell recipients to launch a Windows command line and execute a PowerShell Command. Victims who do this have their computers infected. There is at least one clue this message is a fake: While the email address of the sender has the name of a real government employee, it comes from @outlook.com, which is not a government domain.
Finally, a team from a French-based company called Thales has shown a satellite can be hacked. At a European conference last week the team showed how they took control over a European Space Agency demonstration satellite. This was in response to an ethical hacking challenge by the space agency, which wants to learn how to make satellites more cyber-resilient. The researchers used standard access rights to gain control of the satellite’s application environment and then exploited several vulnerabilities to introduce malicious code into the satellite’s system.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.